SWIFT warns on vendor security after documents leaked by hackers

Jim Finkle

3 Min Read

(Reuters) - SWIFT, the global bank messaging system, on Monday advised clients to pay close attention to security when selecting firms to help them access the network following the release of data that suggested the U.S. government sought to spy on their clients.

Swift code bank logo is displayed on an iPhone 6s on top of Euro banknotes in this picture illustration made in Zenica, Bosnia and Herzegovina, January 26, 2016. Picture taken January 26. Reuters/Dado Ruvic

“Customers should pay close attention (to) their own security and take security into consideration when selecting a service bureau and working with other third-party providers,” SWIFT, also known as the Society for Worldwide Interbank Financial Telecommunication, said in a press release published on its website.

A hacking group calling itself the Shadow Brokers on Friday released files that cyber security experts said suggest the U.S. National Security Agency sought to monitor messaging traffic by hacking into the networks of two firms in the Middle East and Latin America known as service bureaus, which help SWIFT clients access SWIFT.

The NSA has not responded to requests for comment on the Shadow Brokers’ release but the data dumped by the group prompted bank security teams to work over the Easter weekend to learn more about hacking operations described in the documents and better understand attack code released with the file dump.

“We are still trying to get a full understanding as to whether this information is all accurate,” said John Carlson, an executive with the Financial Services and Information Sharing and Analysis Center, a bank security group that shares data on emerging cyber threats.

“There are a lot of allegations included in the material. It is an ongoing process to understand if this information is all real,” Carlson said.

SWIFT also said that it had asked the two service bureaus, Dubai-based EastNets and Business Computer Group (BCG) Panama, for information about their security practices.

“We are in close contact with the service bureau to remind them of their responsibility to inform their customers and to perform additional checks against the identified and other known threats, as well as to make sure that any necessary additional preventative measures are put in place,” SWIFT said on its website.

Representatives with the two firms could not be reached for comment on Monday. SWIFT did not respond to requests for more details on its communications with EastNets and BCG.

EastNets said on its website over the weekend that it reviewed its network and found no evidence of a cyber attack or security vulnerabilities. “The EastNets Network internal Security Unit has ran a complete check of its servers and found no hacker compromise or any vulnerabilities,” the site quoted Chief Executive Hazem Mulhim as saying.

Reporting by Jim Finkle in Toronto; Additional reporting by Dan Freed, David Henry and Olivia Oran in New York; Editing by Tom Brown